17426 Total CVEs
8726 AI Analyzed
264 CISA KEV
3526 Critical
All Vendors
Showing 6201-6250 of 17426 CVEs Page 125 of 349
CVE-2026-24898
Analyzed
10
Unknown OpenEMR (MedEx Module)

An unauthenticated token disclosure in OpenEMR's MedEx callback endpoint leaks API tokens, leading to PHI exfiltration and HIPAA violations.

2026-03-04
CVE-2026-24897
Analyzed
10
HP Multiple Products

Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files...

2026-01-29
CVE-2026-24893
8.8
Unknown Multiple Products

openITCOCKPIT is an open source monitoring tool built for different monitoring engines

2026-04-15
CVE-2026-24892
7.5
HP deserialization pattern

openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus

2026-02-21
CVE-2026-24891
7.5
HP Object Injection

openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus

2026-02-21
CVE-2026-24890
8.1
Unknown Multiple Products

OpenEMR is a free and open source electronic health records and medical practice management application

2026-02-26
CVE-2026-24884
Analyzed
8.4
Arch Compressing

Compressing is a compressing and uncompressing lib for node

2026-02-05
CVE-2026-24882
8.4
GnuPG Multiple Products

In GnuPG before 2

2026-01-28
CVE-2026-24881
8.1
GnuPG Multiple Products

In GnuPG before 2

2026-01-28
CVE-2026-24880
7.5
Apache Tomcat via

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension

2026-04-11
CVE-2026-24875
7.8
Unknown Multiple Products

Integer Overflow or Wraparound vulnerability in yoyofr modizer

2026-01-28
CVE-2026-24874
Analyzed
9.1
Unknown Multiple Products

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in themrdemonized xray-monolith.This issue affects xray-monolith: before 2...

2026-01-28
CVE-2026-24873
7.8
Rinnegatamante Multiple Products

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita

2026-01-28
CVE-2026-24872
Analyzed
9.8
Unknown Multiple Products

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

2026-01-28
CVE-2026-24869
8.1
Unknown Multiple Products

Use-after-free in the Layout: Scrolling and Overflow component

2026-01-28
CVE-2026-24868
7.5
Mitigation Multiple Products

Mitigation bypass in the Privacy: Anti-Tracking component

2026-01-29
CVE-2026-24858
KEV Analyzed
9.8
Apple Multiple Products

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, Forti...

2026-01-28
CVE-2026-24856
7.8
Unknown Multiple Products

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles

2026-01-29
CVE-2026-24854
Analyzed
8.8
ChurchCRM Multiple Products

ChurchCRM is an open-source church management system

2026-01-31
CVE-2026-24853
Analyzed
8.1
Caido Caido

Caido is a web security auditing toolkit

2026-02-14
CVE-2026-24849
Analyzed
9.9
HP OpenEMR

An arbitrary file read vulnerability in OpenEMR allows any authenticated user to access sensitive files on the server filesystem via the EtherFax comp...

2026-02-25
CVE-2026-24844
Analyzed
7.9
Chainguard Melange

melange allows users to build apk packages using declarative pipelines

2026-02-05
CVE-2026-24843
Analyzed
8.2
Chainguard Melange

melange allows users to build apk packages using declarative pipelines

2026-02-05
CVE-2026-24842
8.2
Unknown Multiple Products

node-tar,a Tar for Node

2026-01-28
CVE-2026-24841
Analyzed
9.9
Docker Multiple Products

Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a critical command injection vulnerability exists in Dokpl...

2026-01-28
CVE-2026-24840
8
Dokploy Multiple Products

Dokploy is a free, self-hostable Platform as a Service (PaaS)

2026-01-28
CVE-2026-24838
Analyzed
9.1
Microsoft Multiple Products

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, m...

2026-01-28
CVE-2026-24837
Analyzed
7.6
Microsoft Multiple Products

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem

2026-01-28
CVE-2026-24836
Analyzed
7.6
Microsoft Multiple Products

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem

2026-01-28
CVE-2026-24834
Analyzed
9.3
Kata Multiple Products

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In...

2026-02-20
CVE-2026-24833
Analyzed
7.6
Microsoft Multiple Products

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem

2026-01-28
CVE-2026-24832
Analyzed
9.8
Unknown Multiple Products

Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

2026-01-28
CVE-2026-24831
7.5
Loop Multiple Products

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1

2026-01-28
CVE-2026-24830
Analyzed
9.8
Unknown Multiple Products

Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2.

2026-01-28
CVE-2026-24828
7.5
Unknown Multiple Products

Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine

2026-01-28
CVE-2026-24827
7.5
Unknown Multiple Products

Out-of-bounds Write vulnerability in gerstrong Commander-Genius

2026-01-28
CVE-2026-24792
Analyzed
8.1
Unknown Multiple Products

in OpenHarmony v6

2026-05-19
CVE-2026-24790
Analyzed
8.2
Unknown Multiple Products

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication

2026-02-21
CVE-2026-24789
Analyzed
9.8
Unknown Multiple Products

An unprotected API endpoint in the affected software allows unauthenticated remote attackers to change the device password, leading to complete unauth...

2026-02-12
CVE-2026-24788
Analyzed
8.8
Unknown Multiple Products

RaspAP raspap-webgui versions prior to 3

2026-02-02
CVE-2026-24783
7.5
Unknown Multiple Products

soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts

2026-01-28
CVE-2026-24781
Analyzed
9.8
Node.js (vm2) vm2

A sandbox breakout vulnerability in the vm2 library's `inspect` function allows attackers to escape the sandbox and execute arbitrary commands on the...

2026-05-05
CVE-2026-24779
7.1
Unknown Multiple Products

vLLM is an inference and serving engine for large language models (LLMs)

2026-01-28
CVE-2026-24778
8.8
Ghost Multiple Products

Ghost is an open source content management system

2026-01-28
CVE-2026-24773
Analyzed
7.5
Unknown Multiple Products

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system

2026-02-04
CVE-2026-24772
8.9
OpenProject Multiple Products

OpenProject is an open-source, web-based project management software

2026-01-29
CVE-2026-24770
Analyzed
9.8
Unknown Multiple Products

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "...

2026-01-28
CVE-2026-24765
Analyzed
7.8
HP Multiple Products

PHPUnit is a testing framework for PHP

2026-01-28
CVE-2026-24763
Analyzed
8.8
OpenClaw Multiple Products

OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices

2026-02-03
CVE-2026-2476
7.6
Mattermost Multiple Products

Mattermost Plugins versions <=2

2026-03-17